<?php

/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */

function login($user, $password) {
    $link = getDbLink();
    $query = "SELECT `customer_id`,`email`,`firstname`,`lastname`,`password`,`salt` FROM  `oc_customer` WHERE `email`='" . $user . "'";
    $result = mysql_query($query, $link) or die('Errant query:  ' . $query);
    $records = array();
    header('Content-type: application/json');
    if (mysql_num_rows($result)) {
        while ($record = mysql_fetch_assoc($result)) {
            $userid = $record['customer_id'];
            $email = $record['email'];
            $first_name = $record['firstname'];
            $last_name = $record['lastname'];


            if ($record['password'] == (sha1($record['salt'] . sha1($record['salt'] . sha1($password))))) {
                session_start();
                $_SESSION['user_id'] = $userid;
                echo json_encode(array('result' => 'passed', 'userid' => $userid, 'email' => $email, 'firstName' => $first_name, 'lastName' => $last_name));
            } else {
                echo json_encode(array('result' => 'failed', 'userid' => -1, 'pwd' => $record['password'], 'entered' => (sha1($record['salt'] . sha1($record['salt'] . sha1('test'))))));
            }
        }
    } else {
        echo json_encode(array('result' => 'failed', 'userid' => -1));
    }
    closeDbLink($link);
}

?>
